Vulnerability Details : CVE-2011-2749
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
Vulnerability category: Input validationDenial of service
Threat overview for CVE-2011-2749
Top countries where our scanners detected CVE-2011-2749
Top open port discovered on systems with this issue
8200
IPs affected by CVE-2011-2749 341
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2011-2749!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2011-2749
Probability of exploitation activity in the next 30 days: 95.20%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-2749
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2011-2749
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-2749
-
http://www.ubuntu.com/usn/USN-1190-1
USN-1190-1: DHCP vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
Juniper Networks - 2016-10 Security Bulletin: CTPView: Multiple vulnerabilities in CTPViewThird Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2011:128
mandriva.comThird Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065176.html
[SECURITY] Fedora 14 Update: dhcp-4.2.0-23.P2.fc14Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=729382
729382 – (CVE-2011-2748, CVE-2011-2749) CVE-2011-2748 CVE-2011-2749 dhcp: denial of service flawsIssue Tracking;Patch;Third Party Advisory
-
https://bugzilla.redhat.com/attachment.cgi?id=517665&action=diff
Attachment 517665 Details for Bug 729382 – patch for dhcp-3.0.5 (RHEL-5)Issue Tracking;Third Party Advisory
-
http://www.isc.org/files/release-notes/DHCP%203.1-ESV-R3_0.html
Internet Systems ConsortiumVendor Advisory
-
http://www.securityfocus.com/bid/49120
ISC DHCP Multiple Denial of Service VulnerabilitiesThird Party Advisory;VDB Entry
-
https://hermes.opensuse.org/messages/11695711
openSUSE.org - 503Third Party Advisory
-
http://www.isc.org/software/dhcp/advisories/cve-2011-2748
Internet Systems ConsortiumVendor Advisory
-
http://www.isc.org/files/release-notes/DHCP%204.1-ESV-R3.html
Internet Systems ConsortiumVendor Advisory
-
http://lists.opensuse.org/opensuse-updates/2011-09/msg00014.html
openSUSE-SU-2011:1021-1: moderate: dhcp: Fixed two denial of service flaMailing List;Third Party Advisory
-
http://www.debian.org/security/2011/dsa-2292
Debian -- Security Information -- DSA-2292-1 isc-dhcpThird Party Advisory
-
http://security.gentoo.org/glsa/glsa-201301-06.xml
ISC DHCP: Denial of Service (GLSA 201301-06) — Gentoo securityThird Party Advisory
-
http://www.isc.org/files/release-notes/DHCP%204.2.2_0.html
Internet Systems ConsortiumVendor Advisory
-
http://securitytracker.com/id?1025918
ISC DHCP Packet Processing Bugs Let Remote Users Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.redhat.com/support/errata/RHSA-2011-1160.html
SupportThird Party Advisory
Products affected by CVE-2011-2749
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc8:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc9:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc5:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc14:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc11:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc6:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc7:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc10:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc12:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:rc13:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:b3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.1:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:b3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:a2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:a1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.1:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.2:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.2:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.2:rc3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.3:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.3:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.3:b3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.4:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.4:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.4:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.4:b3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.4:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.5:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.5:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.0.6:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1-esv:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.0:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.0:a1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.0:a2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.0:a3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.0:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.0:b2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.1:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.2:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.2:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.3:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.3:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:3.1.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0-esv:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.1:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.2:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.3:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.3:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.0.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r2:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r3:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:r3_b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1-esv:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.1:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.0:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.1:-:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.1:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:dhcp:4.2.1:rc1:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*